Meta AI Exploited in Massive Breach: Prompt Injection Attack Compromises Over 20,000 Instagram Accounts (Pinterest)
New Delhi: Hackers have broken into over 20,000 Instagram accounts using a method the platform had no defense against. They did not steal passwords. They did not send phishing links. Instead, they manipulated Meta's own AI chatbot to gain access. Meta has confirmed the breach. The attack has raised serious questions about AI security across the tech industry. Meta has confirmed the breach.
Hackers fed specific commands to Meta's AI chatbot. The system responded by leaking sensitive account data it should never have shared. No code was broken. No firewall was bypassed.
The AI was simply tricked into handing over the information.
This technique is called prompt injection. The attacker gives the AI carefully crafted instructions. The system follows them, and in doing so, breaks its own rules.
Hundreds of high-profile Instagram accounts were compromised. Their data was then listed for sale on the dark web. Regular users also received security notifications from Instagram, asking them to change passwords and enable two-factor authentication.
Meta says the vulnerability had been fixed. The company acknowledged that a weakness in its AI system was exploited to gain unauthorized access to user accounts.
It also matters because password leaks and phishing attacks are old problems. Companies have built defenses against them. This is different.
When the AI itself becomes the attack surface, existing security tools offer little protection. One successful manipulation can potentially expose millions of accounts at once.
The tech industry is now watching closely. The conversation around AI has mostly focused on its capabilities. This incident forces a harder question, about its risks.
Copyright © 2026 Top Indian News
